CDK Global Pays $25M Bitcoin to End Ransomware Attack

By Piotr Borowczyk

15 Jul 2024

CDK Global paid $25 million in Bitcoin to resolve a ransomware attack that disrupted software for 15,000 US car dealerships, according to investigator ZachXBT.

CDK Global, a major software provider for car dealerships, recently suffered a significant ransomware attack. According to ZachXBT, an on-chain investigator, the company paid $25 million in Bitcoin to address the issue. The attack disrupted software operations for around 15,000 US car dealerships.

On June 21, CDK Global transferred 387 BTC to an address linked to the BlackSuit ransomware group, which quickly moved the funds to centralized exchanges. BlackSuit, a notable ransomware group since 2023, has targeted several US companies. A Bloomberg report suggested that CDK Global planned to pay a ransom to prevent data from being released. Although CDK has not confirmed the payment, it announced that nearly all of its 15,000 dealership clients were back online last week.

Ransomware involves malware that blocks access to computer systems or data, demanding a ransom in cryptocurrency for release. According to Chainalysis, crypto-related ransomware payments almost doubled to over $1 billion in 2023. The extortion group “cl0p” made nearly $100 million by exploiting the file-sharing software MOVEit.

The ransomware landscape is expanding, attracting new players due to the potential for high profits and low entry barriers. Reports indicate that Black Basta extorted at least $107 million in Bitcoin, with much of it going to the sanctioned Russian crypto exchange, Garantex. In February, a Bitcoin ransomware attack targeted Romanian hospitals, demanding 3.5 BTC.

These incidents have led federal agencies like the US Federal Bureau of Investigation (FBI) to issue advisories about ransomware threats. The FBI advises companies to regularly update software and conduct vulnerability assessments.

In conclusion, the ransomware attack on CDK Global highlights the growing threat of such cyber activities. Despite efforts to secure systems, ransomware groups' persistence and sophistication continue to pose significant challenges. Companies must remain vigilant and proactive in cybersecurity measures to reduce the risks and impacts of future attacks.
